CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
50,000 WordPress Sites Exposed to Critical Ninja Forms File Upload RCE Vulnerability
A critical security flaw in the popular WordPress plugin “Ninja Forms – File Upload” has left approximately 50,000 websites vulnerable to complete takeover. Tracked as CVE-2026-0740, this flaw boasts ...
-
security.nl
Cisco meldt grootschalige diefstal van inloggegevens via React2Shell-lek
Aanvallers hebben honderden servers via het React2Shell-lek gehackt om zo allerlei inloggegevens te stelen, dat meldt Cisco in een analyse. Via de kwetsbaarheid kan een ongeauthenticeerde aanvaller op ...
-
The Hacker News
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and ...
-
The Cyber Express
FortiClientEMS Vulnerabilities Under Active Exploitation, Expose Systems to RCE
A newly disclosed set of vulnerabilities affecting Fortinet’s endpoint management platform has raised serious concerns among cybersecurity professionals, particularly as both flaws are already being a ...
-
The Hacker News
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question ...
-
Daily CyberSecurity
Android Security Bulletin April 2026: Critical Framework Patch Targets “Zero-Interaction” DoS Vulnerability
Google has released its Android Security Bulletin for April 2026, delivering a suite of critical security fixes for the world’s most popular mobile operating system. The update is divided into two dis ...
-
The Register
AI agents found vulns in this popular Linux and Unix print server
In the latest chapter on leaky CUPS, a security researcher and his band of bug-hunting agents have found two flaws that can be chained to allow an unauthenticated attacker to remotely execute code and ...
-
The Register
Attackers exploited this critical FortiClient EMS bug as a 0-day
Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31. The flaw, tracked as CVE-20 ...
-
CybersecurityNews
CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), ...
-
Daily CyberSecurity
The 24-Hour Blitz: Storm-1175 Weaponizes Zero-Days for High-Velocity Ransomware
Storm-1175 attack chain | Image: Microsoft A new report from Microsoft Threat Intelligence has exposured on Storm-1175, a financially motivated threat actor that has mastered the art of the high-veloc ...